package com.ignou.mca.evote;

import java.io.IOException;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.ignou.mca.datasource.DataBaseUtilities;
import com.ignou.mca.datasource.Encryption;
import com.ignou.mca.beans.Message;
import com.ignou.mca.beans.VotersFormBean;
import com.ignou.mca.util.SessionUtil;


/**
 * Servlet implementation class ForgottenPassword
 */
public class ForgottenPassword extends HttpServlet {

	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		String securityQues = req.getParameter("securityQuestion");
		String securityAns = req.getParameter("securityAnswer");
		String email = req.getParameter("email");
		
		Message message = new Message();
		HttpSession session = req.getSession(true);
		req.setAttribute("Message", message);
		DataBaseUtilities dbu = new DataBaseUtilities();
		
		ServletContext context = getServletContext();
		if ((email.equalsIgnoreCase(""))) {
			message.setMessage("You have not completed all the fields. Please complete all fields.");
			context.getRequestDispatcher("/ForgottenPassword.jsp").forward(req,
					resp);
		} else {
			Connection conn = dbu.getConnection();
			Statement st;
			try {
				st = conn.createStatement();
				ResultSet rs = st.executeQuery("select securityAnswer,password,email,securityQuestion from users where email like '"
						+ email + "'");
				String password = "";
				String mailId = "";
				String secQues = "";
				String secAns = "";
				
				if(rs.next()) {
					secAns = rs.getString(1);
					password = rs.getString(2);
					mailId = rs.getString(3);
					secQues = rs.getString(4);
				}else
				{
					password = "NOPASSWORD";
				}
				
				if(securityQues.equalsIgnoreCase(secQues) && securityAns.equalsIgnoreCase(secAns))
				{
					SessionUtil.sendMail(email, "", password, "forgotPwd","");
					context.getRequestDispatcher("/DisplayForgottenPassword.jsp?code="+Encryption.encrypt(password)).forward(req, resp);
				}else
				{
					context.getRequestDispatcher("/DisplayForgottenPassword.jsp?code="+Encryption.encrypt(password)).forward(req, resp);
				}
				
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
			
			/*boolean password = dbu.checkSecurityAnswer(userName, securityAns,email);
			
			// Validation
			if (password) {
				message.setMessage("You have entered wrong answer. Please check and try again");
			} else {
				message.setMessage("Your Password Successfully mailed to you.");
				context.getRequestDispatcher("/index.html").forward(req,
						resp);
			}*/
		}
	}

	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
	}

}
